We have an interesting scenario we need to overcome. Consider the following:

NET1-----FWA---(internet)---FWB------NET2

NET1/FWA and NET2/FWB are owned and managed by different companies, so there is no 
management interaction between them.

People connected to NET1 will be making outbound connections to NET2.

We want to establish a VPN connection between FWA and FWB, which is simple enough;
however, people on NET1 will also be required to authenticate and encrypt to FWA for
traffic going to NET2.

This results in two almost identical rules on FWA:

1. NET1 ---> NET2   Any   Client Encrypt
2. NET1 ---> NET2   Any   Encrypt

The testing I have done seems to result in Rule 2 overriding Rule 1 and the client is 
never prompted for their SecuRemote password.

We are using FW1 4.1 but hope to upgrade to NG shortly.

Has anyone come across this situation before and found a solution? Any suggestions
will be appreciated.

Cheers
John
